Parse BREW (Binary Runtime Environment for Wireless) Platform OS mobile phone image dumps using known hex signatures in Python. In particular, parses SMS (message) data Contact data from a given mobile BREW image.
- Binary memory image file of a BREW OS phone (extracted using forensics techniques, e.g. chip-off)
- Python 3 installation + required pip packages (run
pip3 -r install requirements.txt)
- Incrementally searches memory file for possible contacts and SMS headers
- Shows start memory address for each contact entry or SMS entry found
- Displays each name & phone number for any contact entries
- Displays message data content & associated phone number for any SMS entries
- Writes found contact output to CSV file (shown below)
- Write found SMS data output to CSV file
- (If time permitting) Implement parsing timestamps for SMS messages (issue #4)